class UsersController < ApplicationController

  skip_before_filter :authenticate
  before_filter :load_itens

  def index
    @users = User.find(:all, :order => "login asc")
  end

  def edit
    @user = User.find(params[:id])
  end

  def update
    @user = User.find(params[:id])
    respond_to do |format|
      if @user.update_attributes(params[:user])
        flash[:notice] = "Usuário atualizado com sucesso!"
        format.html {redirect_to ac_users_path}
      else
        format.html {redirect_to edit_user_path(params[:id])}
      end
    end
  end

  # render new.rhtml
  def new
  end

  def create
    cookies.delete :auth_token
    # protects against session fixation attacks, wreaks havoc with 
    # request forgery protection.
    # uncomment at your own risk
    # reset_session
    @user = User.new(params[:user])
    @user.tipouser_id = params[:user][:tipouser_id]
    @user.save
    if @user.errors.empty?
      self.current_user = @user
      redirect_to ac_users_path
      flash[:notice] = "Obrigado por se inscrever!"
    else
      render :action => 'new'
    end
  end

  def destroy
    @user = User.find(params[:id])
    respond_to do |format|
      if current_user == @user
        flash[:error] = 'Você não pode apagar sua propria conta.'
        format.html { redirect_to ac_users_url }
      else
        @user.destroy
        format.html { redirect_to ac_users_url }
        format.xml  { head :ok }
      end
    end
  end

  def load_itens
    @tipousers = Tipouser.find(:all).collect{|t| [t.perfil, t.id]}
  end

end
